Asana Webhook Verification

Emily_Pasiak · 29 September 2021 17:25

I am struggling to get asana webhook verification to work using JavaScript.
I store the secret and use it to compute the hash but the comparisons are constantly failing.
Any ideas why?

This is the general code I have:

    async verify(req) {
      const signature = req.headers['x-hook-signature'];

      const digest = crypto.hmac(
        'sha256',
        hook_secret,
        req.payload,
      );

      const segmentSig = Buffer.from(signature, 'base64');

      if (crypto.timingSafeEqual(digest, segmentSig)) {
        return true;
      }

      return false;
    },

Topic		Replies	Views
Asana API Webhooks - verifying X-Hook-Signature in Node & TS Developers & API api , authentication , webhooks	6	2144	30 November 2022
Incoming webhooks signing secret approach to HMAC validation Developers & API webhooks	3	1725	14 October 2020
Secret used in hmac for webhook seems to be incorrect Developers & API webhooks	0	1283	4 March 2020
Verifying X-Hook-Signature on Asana Webhook Developers & API webhooks	3	2471	26 October 2020
Not able to perform webhook handshake? Developers & API webhooks	3	2264	15 June 2021

Asana Webhook Verification

Related Topics